Generic filters

SteelCloud’s ConfigOS Software Reaches “In-Process” Stage for Common Criteria Evaluation

September 26, 2019

ASHBURN, Va.Sept. 18, 2019 /PRNewswire/ — SteelCloud LLC, a STIG and CIS automation and remediation software developer, announced today that it has initiated the Common Criteria Evaluation Assurance Level (EAL) 2+ process for its ConfigOS cyber automation software product.  Common Criteria is an international framework which defines a common approach for evaluating security features and capabilities of Information Technology security products.

“We are excited to have entered the Common Criteria certification process to validate ConfigOS,” said Brian Hajost, SteelCloud President and CEO. “Common Criteria certification will support the further acceptance of ConfigOS within our federal defense, civilian, and intelligence customers.  We are dedicated to design, develop, and deliver the most comprehensive and secure STIG and CIS automation solutions available.”

ConfigOS is currently implemented in enterprise environments, classified and tactical programs, agile labs, and commercial cloud environments.  ConfigOS is client-less technology, requiring no software agents.  ConfigOS scans endpoint systems for hundreds of policy controls in under 60 seconds and then remediates the endpoints in under 90 seconds.  Automated remediation rollback, comprehensive compliance reporting, and STIG Viewer Checklist integration are also provided.  ConfigOS was designed to harden every STIG/CIS control around an application baseline in 60 minutes – typically eliminating weeks or months from the RMF/ATO accreditation timeline.  ConfigOS automates the incorporation of documented policy waivers to ensure flawless automated STIG/CIS remediation and compliance reporting.  ConfigOS addresses Microsoft Windows 7/8/10 and Windows Server ’08/’12/’16/’19 along with Red Hat Enterprise Linux 5/6/7, Ubuntu, and CENTOS Linux.

About Common Criteria

The Common Criteria for Information Technology Security Evaluation (CC) is a partnership of 30 member countries that agree on specific evaluation and testing standards for IT Products and Protection Profiles to eliminate duplicate testing and provide an even playing field for all members. All members recognize the Common Criteria Certificates which have been authorized by any other Certificate Authorizing Participant. Common Criteria evaluation standards are recognized in: United States, CanadaAustraliaNew ZealandAustria, Czech, DenmarkFinlandFranceGermanyGreeceHungaryIndiaIsraelItalyJapanMalaysiaNetherlandsNorwayPakistan, Korea, SingaporeSpainSwedenTurkey, the United Kingdom and PolandQatarEthiopia and Indonesia.

About SteelCloud

SteelCloud develops STIG and CIS compliance software for enterprise customers and technology providers.  Our products automate policy and security remediation by reducing the complexity, effort, and expense of meeting government security mandates.  SteelCloud has delivered security policy-compliant solutions to organizations around the world which simplify implementation and ongoing security and mission support. SteelCloud products are easy to license through our GSA Schedule 70 contract. SteelCloud can be reached at (703) 674-5500.  Additional information is available at or by email at

Share This Resource:

Leave a comment